Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

piccolo — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in piccolo, with AI-generated Chinese analysis, references, and POCs.

Vendor: piccolo-orm

CVE IDTitleCVSSSeverityPublished
CVE-2023-47128 piccolo SQL Injection via named transaction savepoints CWE-89 9.1 Critical2023-11-10
CVE-2023-41885 Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumeration CWE-204 5.3 Medium2023-09-12

All 2 known CVE vulnerabilities affecting piccolo with full Chinese analysis, references, and POCs where available.